TTLS authentication slow
rupert.finnigan at googlemail.com
Tue Nov 13 21:21:27 CET 2007
Windows doesn't natively, but with the help of SecureW2
(http://www.securew2.com) it does quite well. Install it and select it
as a EAP Type on the Authenication Tab when you setup your wireless
On 13/11/2007, Artur Hecker <hecker at wave-storm.com> wrote:
> Maybe I missed it, but what client do you use? Windows does not yet
> support TTLS natively.
> On 13 Nov 2007, at 16:23, Alan DeKok wrote:
> > Allan Riordan Boll wrote:
> >> The problem is that authenticating takes around 20 seconds. While
> >> running the server in a terminal with the -X flag, I see that my
> >> Windows
> >> XP client first makes one TLS request, then waits ~20 seconds, then
> >> makes two more TLS requests and four TTLS requests all together
> >> taking
> >> less than one second. After these last six requests the client is
> >> immediately online.
> > It sounds like a weird Windows issue...
> >> Can anyone hint me on why the client waits for so long before
> >> doing the
> >> requests it needs? Is my Freeradius server erroneously defaulting the
> >> client to use TLS instead of TTLS, and confusing the client?
> > No. Many people are running FreeRADIUS with Windows clients (XP
> > SP1,
> > SP2, Vista), and most authentications happen very quickly. I'm not
> > sure
> > why the Windows machines would take so long.
> > Maybe try it with a different access point.
> >> I've written a radiusd.conf from scratch, so that the server only
> >> runs
> >> the modules I actually use, hoping this is safer and easier to
> >> administrate. Please feedback if anyone have any comments on this
> >> approach.
> > If it works...
> > If it doesn't work, go back to the default config.
> > Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
> > users.html
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users